Vulnerability in Adobe Magento

CVE-2020-9691

Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a dom-based cross-site scripting vulnerability. Successful exploitation could lead to arbitrary code execution.

EPSS: 0.028 (86.4th percentile) — read the EPSS interpretation.

Affected products

Adobe Magento — versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier versions

References

helpx.adobe.com/security/products/magento/apsb20-47.html (x_refsource_CONFIRM)